tech-userlevel archive


Re: setreuid(2)?



On Wed, 9 Nov 2022, Robert Elz wrote:

Yes, there's no question that setreuid() works. Mouse's issue was
that setreuid(2) (the man page) says "new code should not use this",
yet for what he wanted to achieve (nothing like your code example),
the supposed replacement method (relying upon saved user ids) doesn't
do anything useful at all.


On Wed, 9 Nov 2022, Mouse wrote:

Probably.  What does that have to do with what I was after?  In my
case, the process forks but does not exec; there is only one executable
involved.


Yes, of course, Mouse would need setreuid() for what he wants to do. I
was addressing the "new code should not use this" case. Even POSIX
acknowledges that setreuid() is the only way right now for unprivileged
users to set the euid and saved uid = uid.

I've never needed to set setreuid() before, so I went looking in the
NetBSD source for usages, and found only about half-a-dozen instances,
and most of them "safe": either not exec()ing binaries or only relying
on setreuid() if _POSIX_SAVED_IDS is not available. But, of course, you
guys would already know all this...

-RVP

